CVE-2006-0288

Technical details for CVE-2006-0288 are not publicly available in the provided documents. The material only notes multiple unspecified vulnerabilities in Oracle Reports Developer without affected versions, vectors, impacts, or remediation.

CVE-2006-0273

Technical details for CVE-2006-0273 are not publicly provided in the supplied documents. Monitor for updates from official advisories; the records only note an unspecified vulnerability in the Oracle Portal component.

CVE-2006-0289

CVE-2006-0289 concerns Oracle Application Server 6.0.8.26 (PS17) and related E-Business Suite/Applications 11.5.10 with multiple vulnerabilities in Oracle Reports Developer (REP05/REP06). Connected sources link REP05 to CVE-2005-2378 (directory traversal for read access) and REP06 to CVE-2005-237...

CVE-2006-0274

Technical details for CVE-2006-0274 are not publicly provided in the supplied documents. Monitor for updates from Oracle/vendor advisories; current entries note unspecified impact, but no concrete exploit vectors or version-specific remediation are available here.

CVE-2006-0285

Unspecified vulnerability in the Java Net component of Oracle Database Server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10.1.0.4, and Application Server 1.0.2.2, 9.0.4.2, and 10.1.2.0.2, has unspecified impact and attack vectors, as identified by Oracle Vuln JN01...

CVE-2006-0291

Multiple unspecified vulnerabilities in Oracle Database Server 10.2.0.1, Application Server 9.0.4.2 and 10.1.2.1, Collaboration Suite Release 2, version 9.0.4.2 Oracle9i, and E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln 1 WF02...

CVE-2006-0287

Affected software: Oracle HTTP Server component of Oracle Database Server 10.1.0.5 and Application Server 10.1.2.0.2. The CVE-2006-0287 entry is described as an unspecified vulnerability with unspecified impact/attack vectors per Oracle (Oracle Vuln# OHS02). Some connected sources (Oracle HTTP Se...

CVE-2006-0289

Multiple unspecified vulnerabilities in Oracle Application Server 6.0.8.26PS17 and E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln 1 REP05 and 2 REP06 in the Oracle Reports Developer component. NOTE: Oracle has not disputed reliab...

CVE-2006-0288

Multiple unspecified vulnerabilities in the Oracle Reports Developer component of Oracle Application Server 9.0.4.1 and E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln 1 REP01 and 2 REP02...

CVE-2006-0286

Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10.1.0.5, and Application Server 1.0.2.2, 9.0.4.2, and 10.1.2.0.2, has unspecified impact and attack vectors, as identified by Oracle Vuln OHS01...

CVE-2006-0274

Unspecified vulnerability in the Oracle Reports Developer component of Oracle Application Server 9.0.4.2 and 10.1.2.0.2 has unspecified impact and attack vectors, as identified by Oracle Vuln REP03...

[Full-disclosure] Oracle Reports - Read parts of files via desname (fixed after 874 days)

Hello FD-Reader It took only 874 days to fix this problem. Summary and additional information concerning the Oracle January 2006 CPU is available here: http://www.red-database-security.com/advisory/oraclecpujan2006.html http://www.red-database-security.com/advisory/oraclereportsreadanyfi le.html...

[Full-disclosure] Oracle Reports - Overwrite any application server file via desname (fixed after 889 days)

Hello FD-Reader It took only 889 days to fix this problem. Summary and additional information concerning the Oracle January 2006 CPU is available here: http://www.red-database-security.com/advisory/oraclecpujan2006.html http://www.red-database-security.com/advisory/oraclereportsoverwritea...

Low: Red Hat Security Advisory: struts security update for Red Hat Application Server

Updated Red Hat Application Server components are now available including a security update for Struts. This update has been rated as having low security impact by the Red Hat Security Response Team. Red Hat Application Server packages provide a J2EE Application Server and Web container as well a...

CVE-2005-4813

Unspecified vulnerability in Report Application Server Crystalras.exe before 11.0.0.1370, as used in Business Objects Crystal Reports XI, Crystal Reports Server XI, and BusinessObjects Enterprise XI, allows remote attackers to cause a denial of service application hang via certain network traffic...

CVE-2005-4805

Unspecified vulnerability in Sun Java System Application Server 7 Standard and Platform Edition 6 and earlier, and 2004Q2 Standard and Platform Edition Update 2 and earlier, allows remote attackers to obtain the source code for Java Server pages JSP via unknown vectors...

CVE-2005-4833

IBM WebSphere Application Server WAS 6.0 before 20050201, when serving pages in an Application WAR or an Extended Document Root, allows remote attackers to obtain the JSP source code and other sensitive information via "a specific JSP URL," related to lack of normalization of the URL format...

CVE-2005-4550

The PORTAL schema in Oracle Application Server OracleAS Discussion Forum Portlet allows remote attackers to obtain the source code for arbitrary JSP and other files via a dfnextpage parameter with a trailing null byte %00...

CVE-2005-4550

CVE-2005-4550 affects the PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet. The vulnerability allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter that can contain a trailing null byte (%00). This is caused ...

CVE-2005-4549

Cross-site scripting XSS vulnerability in Oracle Application Server OracleAS Discussion Forum Portlet allows remote attackers to inject arbitrary web script or HTML via the 1 RowKeyValue parameter in the PORTAL schema; and the 2 title and 3 content input fields when creating an forum article...